admin/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial: Add all homelab manifests

Browse Source
This commit is contained in:
mtkadmin
2026-03-20 00:05:50 +00:00
commit b538e87d69
33 changed files with 3036 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
k8s/pihole/deployment.yaml Normal file
View File

@@ -0,0 +1,58 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: pihole
namespace: pihole
labels:
app: pihole
spec:
replicas: 1
selector:
matchLabels:
app: pihole
template:
metadata:
labels:
app: pihole
spec:
containers:
- name: pihole
image: pihole/pihole:latest
env:
- name: TZ
value: "Europe/Berlin"
- name: WEBPASSWORD
valueFrom:
secretKeyRef:
name: pihole-secret
key: password
- name: PIHOLE_DNS_
value: "1.1.1.1;1.0.0.1"
- name: DNSMASQ_LISTENING
value: "all"
ports:
- containerPort: 80
name: web
protocol: TCP
- containerPort: 53
name: dns-tcp
protocol: TCP
- containerPort: 53
name: dns-udp
protocol: UDP
volumeMounts:
- name: pihole-data
mountPath: /etc/pihole
- name: dnsmasq-data
mountPath: /etc/dnsmasq.d
securityContext:
capabilities:
add:
- NET_ADMIN
volumes:
- name: pihole-data
persistentVolumeClaim:
claimName: pihole-data
- name: dnsmasq-data
persistentVolumeClaim:
claimName: pihole-dnsmasq

23
k8s/pihole/ingress.yaml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: pihole-web
namespace: pihole
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
spec:
tls:
- hosts:
- pihole.192.168.11.180.nip.io
rules:
- host: pihole.192.168.11.180.nip.io
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: pihole-web
port:
number: 80

11
k8s/pihole/kustomization.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: pihole
resources:
- namespace.yaml
- pvc.yaml
- deployment.yaml
- services.yaml
- ingress.yaml

4
k8s/pihole/namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: pihole

26
k8s/pihole/pvc.yaml Normal file
View File

@@ -0,0 +1,26 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pihole-data
namespace: pihole
spec:
accessModes:
- ReadWriteOnce
storageClassName: longhorn
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pihole-dnsmasq
namespace: pihole
spec:
accessModes:
- ReadWriteOnce
storageClassName: longhorn
resources:
requests:
storage: 128Mi

56
k8s/pihole/services.yaml Normal file
View File

@@ -0,0 +1,56 @@
---
# DNS TCP Service (LoadBalancer with fixed IP)
apiVersion: v1
kind: Service
metadata:
name: pihole-dns-tcp
namespace: pihole
annotations:
metallb.universe.tf/loadBalancerIPs: 192.168.11.181
metallb.universe.tf/allow-shared-ip: pihole-dns
spec:
type: LoadBalancer
externalTrafficPolicy: Local
selector:
app: pihole
ports:
- name: dns-tcp
port: 53
targetPort: 53
protocol: TCP
---
# DNS UDP Service (LoadBalancer with fixed IP)
apiVersion: v1
kind: Service
metadata:
name: pihole-dns-udp
namespace: pihole
annotations:
metallb.universe.tf/loadBalancerIPs: 192.168.11.181
metallb.universe.tf/allow-shared-ip: pihole-dns
spec:
type: LoadBalancer
externalTrafficPolicy: Local
selector:
app: pihole
ports:
- name: dns-udp
port: 53
targetPort: 53
protocol: UDP
---
# Web UI Service (ClusterIP, exposed via Ingress)
apiVersion: v1
kind: Service
metadata:
name: pihole-web
namespace: pihole
spec:
type: ClusterIP
selector:
app: pihole
ports:
- name: web
port: 80
targetPort: 80
protocol: TCP